Cyber Resilience

CVE-2026-28548

HighLPE

Published: 05 March 2026

Published
05 March 2026
Modified
05 March 2026
KEV Added
Patch
CVSS Score v3.1 7.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
EPSS Score 0.0001 0.8th percentile
Risk Priority 14 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2026-28548 is a high-severity Improper Privilege Management (CWE-269) vulnerability in Huawei Emui. Its CVSS base score is 7.1 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked at the 0.8th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and AC-6 (Least Privilege).

Deeper analysis

CVE-2026-28548 is a vulnerability involving improper verification in the email application, as identified in Huawei's consumer support bulletin. Published on 2026-03-05, it carries a CVSS v3.1 base score of 7.1 (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N) and is associated with CWE-269 (Improper Privilege Management). Successful exploitation may affect service confidentiality.

The vulnerability can be exploited by a local attacker with no privileges required, though it demands low attack complexity and user interaction. Attackers can achieve high impacts on confidentiality and integrity, potentially allowing unauthorized access to sensitive email data or modification of email-related services without affecting availability.

Huawei has published a security bulletin detailing the issue at https://consumer.huawei.com/en/support/bulletin/2026/3/, which serves as the primary advisory for mitigation guidance and potential patches.

EU & UK References

Vulnerability details

Vulnerability of improper verification in the email application. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1068 Exploitation for Privilege Escalation Privilege Escalation
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
T1114.001 Local Email Collection Collection
Adversaries may target user email on local systems to collect sensitive information.
Why these techniques?

Improper privilege management (CWE-269) in local email app directly enables T1068 for escalation to access resources; high confidentiality impact on email data facilitates T1114.001 local collection. UI:R and AV:L align with client-side exploitation.

Confidence: MEDIUM · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2024-56447Same product: Huawei Emui
CVE-2026-34859Same product: Huawei Emui
CVE-2024-56449Same product: Huawei Emui
CVE-2024-58044Same product: Huawei Emui
CVE-2024-58043Same product: Huawei Emui
CVE-2024-57961Same product: Huawei Emui
CVE-2026-28553Same product: Huawei Emui
CVE-2026-28542Same product: Huawei Emui
CVE-2024-57960Same product: Huawei Emui
CVE-2024-56448Same product: Huawei Emui

Affected Assets

huawei
emui
12.0.0, 13.0.0, 14.0.0, 14.2.0
huawei
harmonyos
2.0.0, 3.1.0, 4.0.0, 4.2.0

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly enforces access and authorization checks in the email application to block exploitation of improper verification.

prevent

Limits privileges assigned to email app processes and users, mitigating the CWE-269 improper privilege management flaw.

prevent

Ensures access control decisions are correctly evaluated before granting email service operations, addressing the verification gap.

References